374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853

Analysis

max time kernel
148s
max time network
179s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
27-11-2022 16:21

Target

374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe
Size

507KB
MD5

e74f0bdc864e9d7326498848ee2b06a9
SHA1

a7834b87c319b2fb777f8cbb3246177e735ed1fc
SHA256

374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853
SHA512

279eb6717638294bf06c72fb68dd869380d95afb6ea3c0e488fe6d3862f8170b2b2bc801d333506d59ebe3313bce6ef3464b805b8d4e53abc7fe12b071f4f949
SSDEEP

6144:H929fTD8zC/DBSV94ALf08ZYL92hfpkUS2KVT2WDvR1aV3KCzIcN5fcFkJrGXW:d21nqcLLgxS9+z4HXW

Score

1^/10

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2236 wrote to memory of 3372	2236	374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe	86
PID 2236 wrote to memory of 3372	2236	374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe	86
PID 2236 wrote to memory of 3372	2236	374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe	86
PID 2236 wrote to memory of 3688	2236	374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe	87
PID 2236 wrote to memory of 3688	2236	374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe	87
PID 2236 wrote to memory of 3688	2236	374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe	87

C:\Users\Admin\AppData\Local\Temp\374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe
"C:\Users\Admin\AppData\Local\Temp\374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2236
- C:\Users\Admin\AppData\Local\Temp\374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe
  start
  2⤵
  PID:3372
- C:\Users\Admin\AppData\Local\Temp\374705e419a37fd5a188d48e8a01cdc44cc8a9e233f27f35e79a64f01a52f853.exe
  watch
  2⤵
  PID:3688

memory/2236-132-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2236-135-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/3372-133-0x0000000000000000-mapping.dmp

Download
memory/3372-136-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/3372-138-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/3372-140-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/3688-134-0x0000000000000000-mapping.dmp

Download
memory/3688-137-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/3688-139-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/3688-141-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download